Marking Personal Fields
GDPR defines personal data as any information relating to an identified or identifiable natural person (i.e. the data subject). There is a wide range of personal data that includes email addresses, location, mobile numbers, identification numbers, etc. In Vertical Solutions, fields with such data can be marked as personal fields and can further be categorized as Normal or Sensitive. While GDPR aims to protect all the personal data, there is a special category within that which can be termed as sensitive personal data. One needs to take extra care in handling sensitive data as it might include information concerning health, medical records, financial details, biometric data, religious information or any other data that uniquely identifies the data subject.
In Vertical Solutions, under Setup > Users and Control > Compliance Settings > Preferences, you would have selected the modules that contain data subject's personal information and which needs to be GDPR compliant. The option to Manage Personal Fields will be available only in those modules under the Data Privacy section. When fields are marked as personal, data from those fields will not be transferred or shared in the following instances: data export, API usage and integrations with other natively integrated apps such as Projects, Books, Expense, etc.,
Manage Personal Fields
You can mark fields as personal from two places.
- From the Modules list page.
- While editing a Layout
To manage personal fields from the Modules page
1. Click Setup > Customization > Modules and Fields.
2. Hover you mouse pointer to the module that contains data subjects' personal information.
3. Click Manage Personal Fields from the list of options.
This option will be available only in those modules that you had selected under Setup > Users and Control > Compliance Settings > Preferences.
4. In the Personal Fields section, click Mark Personal Field.
5. In the popup, select a field from the drop-down list.
Auto-Number, Formula, User and Lookup type fields cannot be marked as personal and hence, these fields will not be available in the drop-down list.
6. Select Normal or Sensitive to specify the kind of data that the field holds.
7. Click Add Field to mark more fields as personal.
You can mark up to 30 personal fields per module.
8. Click Done.
To manage personal fields from the Layouts page
1. Click Setup > Customization > Modules and Fields.
2. Click on a module that contains data subjects' personal information.
3. Choose a layout.
4. In the Layout Editor page, click on the More icon for a field that you want to mark as a personal field.
Auto-Number, Formula, User and Lookup type fields cannot be marked as personal.
5. Click
Edit Properties.
a. In the [Field] Properties popup, select the Contains Personal Data checkbox.
b. Select Normal or Sensitive to specify the type of data.
c. Click Done.
6. Click Save to save the changes made to the layout.
Note:
- Auto-Number, Formula, User and Lookup type fields cannot be marked as personal.
- You can mark a field as personal in subforms also.
- In a subform, while adding aggregate fields, please note that Aggregate and Formula fields cannot be marked as personal. Whereas, under New Fields, Number, Currency and Decimal can be marked as personal.
- Associated Items - While using webhooks, functions, email templates and integrations with Vertical Solutions, there is a possibility that your personal fields' data is shared outside the solutions. To avoid such cases, you can click on the Information icon to see where the particular field is being used. That will help you decide and take necessary action as required.
View Personal Fields under Data Privacy Section
The Data Privacy section for a record also contains details about the personal fields. It lists the number of fields that are marked as Sensitive and the ones as Normal.
To view personal fields
1. Click open the data subjects record in your Solutions account.
The record could be in the Leads, Contacts, Vendors or any other custom module for which GDPR Compliance is enabled.
2. Click Data Privacy.
Under the Personal Data section, the number of Sensitive and Normal fields details are available.
3. Hover your cursor on the number to view the fields with the values for the selected record.
Personal Data Handling
You may have marked some personal data as normal and others as sensitive. Vertical Solution gives you the option to decide which type of personal data you want to restrict from being accessed through APIs or other applications that are integrated with solutions. The following options are available to protect data subject's personal data being shared across other sub processors.
Restrict Data Transfer to Zoho Apps and Third-Party Apps
To run your business, you may use multiple tools, from email service providers, customer relationship management systems to collaboration platforms. Many a times, these applications are tightly integrated and your customers' data is shared among these platforms. It is essential that these third-party processors you use are also directly and legally obligated to be in compliance with GDPR. To protect your customers' data, Solutions has the option to restrict sharing of personal data to Zoho apps and third party applications integrated with your solutions account.
The following table will give you the details of the various integrations and the implications when personal data is restricted. There are certain fields that are mandatory for an integration. For example, for the Projects integration, Email is a mandatory field. If you mark email as a personal field, the data will not be sent from Solutions to Projects. You can find more such details in the tables below.
*Please note that First and Last Name cannot be marked as personal fields.
Integration with Zoho Apps
| Integrations with Zoho Apps | Fields mandatory for the integration | What happens when personal data is restricted? |
| Projects | Client user will not be added through project creation or association. | |
| Finance Suite (Books,Expense,Subscriptions) | Last Name and Email | Data will not be pushed from the solution org |
| Zoho Recruit | Data will not be pushed from Zoho CRM. | |
| Zoho Cliq | NA | Details other than those from the personal fields will be shared via Zoho Cliq. |
| Analytics | NA | If one of the previously synced field is restricted, then reports based on those fields will be deleted. |
| Forms | NA | NA |
| Sign | NA | NA |
| Campaigns | NA | NA |
| Sales IQ | NA | NA |
| Survey | NA | NA |
Integrations with Third-party Apps
| Integrations with Other Apps | Fields mandatory for the integration | What happens when personal data is restricted? |
| Microsoft Office 365 | First Name | As First Name cannot be marked as a personal field, the integration will work as usual. |
| Microsoft Outlook | First Name | As First Name cannot be marked as a personal field, the integration will work as usual. |
| Google Contacts | First Name | As First Name cannot be marked as a personal field, the integration will work as usual. |
| Slack | NA | Details other than those from the personal fields will be shared via Slack. |
| Android or iOS Speech Recognizer (Zia Voice) | NA | Only call to Zia action will be disabled, the chat with Zia option will work as usual. |
To restrict data transfer to Zoho applications
- Click Setup > Users and Control > Compliance Settings > Preferences.
- In the Personal Data Handling section, toggle on Restrict Data Transfer to Zoho Apps to enable it.
- Review the implications and click Restrict Personal data to proceed.
- Select one of the following from the Data Type drop-down:
- Only Sensitive data - Values from all the sensitive personal fields will not be transferred through third-party integrations.
- Normal and Sensitive data - Values from both the normal and sensitive personal fields will not be transferred through third-party integrations.
- Click Save.
To restrict data transfer to third-party applications
- Click Setup > Users and Control > Compliance Settings > Preferences.
- In the Personal Data Handling section, toggle on Restrict Data Transfer to Third-party Apps to enable it.
- Select one of the following from the Data Type drop-down:
- Only Sensitive data - Values from all the sensitive personal fields will not be transferred through third-party integrations.
- Normal and Sensitive data - Values from both the normal and sensitive personal fields will not be transferred through third-party integrations.
- Select the integrations from the Apps drop-down list for which you want to restrict data transfer.
- Click Save.
Restrict Data access through API
Using API, other applications can connect to your Solutions account and data can be transferred. When data is transferred via API, you need to ensure that personal data of your customers are not shared without a purpose. For data security, Vertical Solution has the option to restrict the sharing of personal data through API.
When data is restricted, you can neither update personal data (for the marked fields) in Vertical Solutions nor share the data outside the system via APIs.
To restrict data access through API
- Click Setup > Users and Control > Compliance Settings > Preferences.
- In the Personal Data Handling section, toggle on Restrict Data access through API to enable it.
- Select one of the following from the Data Type drop-down:
- Only Sensitive data - Values from all the sensitive personal fields will not be accessed through APIs.
- Normal and Sensitive data - Values from both the normal and sensitive personal fields will not be accessed through APIs.
- Click Save.
* In the above image "Zylker Travels CRM" is an example solution's name.
Restrict Data in Export
There maybe instances when you have the requirement to export data and for security reasons, you would not want the personal data to be exported. For such cases, you can restrict the personal data (normal and sensitive) from being exported. This includes exporting reports and updating data using in Sheet view. Please note the following when you restrict personal data for the export action.
- In Sheet view, personal fields will not be available.
- When you export a report, all the fields' data will be exported except the ones in personal fields. Same is the case for scheduled reports.
- Matrix reports require fields for rows and columns. If any one of the field is a personal field (which cannot be exported) then the matrix report will not give accurate data. Hence, matrix reports with personal fields can be created but will not be exported. Same is the case for matrix scheduled reports.
- When will a report not get exported:
- If a personal field is used for the Columns to Total option.
- In a Summary report, if personal fields are used in grouping columns.
- In a Matrix report, if personal fields are used to Subtotal By column or row.
To restrict data in export
- Click Setup > Users and Control > Compliance Settings > Preferences.
- In the Personal Data Handling section, toggle on Restrict Data in Export to enable it.
- Review the implications and click Restrict Personal data to proceed.
- Select one of the following from the Data Type drop-down:
- Only Sensitive data - Values from all the sensitive personal fields cannot be accessed in the exported data.
- Normal and Sensitive data - Values from both the normal sand sensitive personal fields cannot be accessed in the exported data.
- Click Save.
Access your files securely from anywhere
Zoho CRM Training Programs
Learn how to use the best tools for sales force automation and better customer engagement from Zoho's implementation specialists.
Zoho DataPrep Personalized Demo
If you'd like a personalized walk-through of our data preparation tool, please request a demo and we'll be happy to show you how to get the best out of Zoho DataPrep.
- Zoho Workerly Home
- Forums
- Connect With Us:
- Zoho Recruit Home
- Forums
- Connect With Us:
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho CRM Plus?
Deliver unforgettable customer experiences
New to Zoho Marketing Plus?
Everything you need to run your marketing
New to Zoho Marketing Plus?
Everything you need to run your marketing
You are currently viewing the help pages of Qntrl’s earlier version. Click here to view our latest version—Qntrl 3.0's help articles.
New to Zoho Survey?
Zoho Sheet Resources
Zoho Forms Resources
New to Zoho Sign?
Zoho Sign Resources
Sign, Paperless!
New to Zoho TeamInbox?
Zoho TeamInbox Resources
New to Zoho ZeptoMail?
Zoho DataPrep Resources
Design. Discuss. Deliver.
New to Zoho Workerly?
New to Zoho Recruit?
New to Zoho CRM?
New to Zoho Projects?
New to Zoho Sprints?
New to Zoho Assist?
New to Bigin?
Related Articles
HIPAA Compliance with Zoho Developer - Vertical Solutions Platform
ZohoDeveloper - Vertical Solutions Platform is currently available in developer.zoho.com and developer.zoho.eu and is expected to release in developer.zoho.in and in developer.zoho.com.au. The Health Insurance Portability and Accountability Act ...Standard Modules and Fields
Vertical Solutions provides you with a few standard modules that you can readily use. These predefined modules come with a set of default fields and layout. When you create a new solution from your Developer account, you can select the standard ...Customization - Creating Custom Fields
This guide will help you with the following: Custom Fields Custom Field Limits Add Custom Fields Edit Custom Fields Delete Custom Fields Create Currency Fields Add Pick List Values Add Multi-Select Pick List Values Create Lookup Field Create Auto ...Setting up Fields & Links Permissions
Set Access Permissions for Fields With the field-level security, you can allow your customers to control the access rights of CRM fields for various profiles. This will ensure smooth security at the field-level, allowing users to access the fields ...Creating New Modules and Fields
The guide will help you with the following: 1. Manage custom modules Add a new module Edit a custom module Delete a custom module 2. Manage custom fields Add a custom field Edit a custom field Delete a custom field Create a currency field ...
New to Zoho LandingPage?
Zoho LandingPage Resources